This article is intended for administrators.
- ☝️ Enable SAML integration for your Elevo space
- ⚙️ Add Elevo as a SAML Application
- 💾 Upload iDP metadata to Elevo
- 😃 Add users to the Elevo app
Elevo allows you to use your Microsoft Azure login to connect. To do this, you'll need to do a little configuration on both sides (Elevo and Microsoft Azure).
☝️ Enable SAML integration for your Elevo space
Contact our support@elevo.io who will provide you with the following information:
- ACS Dedicated URL
⚙️ Add Elevo as a SAML Application
1️⃣ Log in to your Microsoft Azure Dashboard and select "Azure Active Directory" in the left column. Then select "Enterprise Applications" in the pane that just opened and click the "New Application" button.
2️⃣ In the new menu that opens in the center window, select "Non-gallery application". In the menu that opens on the right side of the window, in the "Name" section, enter "Elevo".
3️⃣ Then click the "Add" button at the bottom of this menu.
4️⃣ You will then be redirected to a page entitled "Elevo - Overview". From this page, in the left-hand menu, select "Single Sign-on", then "SAML" in the pane that appears in the center of the window.
5️⃣ You will now arrive at a settings page where you will need to select the "Edit" button in frame number 1, titled "Basic SAML Configuration".
6️⃣ In the form that opens, simply fill in the following fields:
- Identifier (Entity ID): https://app.elevo.fr/sp
- Reply URL (Assertion Consumer Service URL): The URL we provide to you
Then click on the "Save" button at the top left of the form.
7️⃣ Now select the "Edit" button of frame number 2 - "User attributes & Claims". In the pane opening on the right side of your window, select the "Edit" button of the "Name identifier value" field.
8️⃣ A new pane will open. In the "Source attribute" section of it, click on the drop-down menu to select the "user.mail" option, then validate your choice by clicking on the "Save" button at the bottom of the page.
💾 Upload iDP metadata to Elevo
In order for us to enable SSO authentication on our end, we need some information from Microsoft Azure, and available on the same settings page as before.
In frame number 3 - "SAML Signin Certificate" - of the same page, click on the "Download" button in the "Federation Metadata XML" section to download an XML file named "FederationMetadata.xml" that includes all the parameters we need to enable the SSO service for your company.
Contact us directly at support@elevo.io to upload the FederationMetadata.xml file.
😃 Add users to the Elevo app
The final step required to make SSO authentication work is to add your users to the Elevo application in your Microsoft Azure space.
To do so, go to the "Azure Active Directory" tab of your Dashboard, then select "Enterprise applications" from the second menu. Finally, click on the name "Elevo" in the list of applications that appears on the right side of your window.
Select the "Users and groups" menu in the left pane. A new menu will allow you to add users from your Azure space to the Elevo application, which is necessary to enable SSO functionality for them. To do so, select "Add user".
A form opens. Select "Users and groups - None Selected" in the left-hand menu and then select all the employees for whom you want to activate SSO authentication in the right-hand menu.
Finally, click on the "Select" button in the right panel, then on the "Assign" button in the left pane once the previous pane is automatically closed.
Your environment is now set up and SSO authentication is ready to use on Elevo.
However, if you encounter any problems during this process, please contact us directly at support@elevo.io so that we can assist you.